[PR #7821/366ba40f backport][3.9] Only check origin if insecure schem…

…e and there are origins to treat as secure, in CookieJar.filter_cookies() (#7825) **This is a backport of PR #7821 as merged into master (366ba40).** Co-authored-by: Rongrong <i@rong.moe>
aio-libs · Nov 12, 2023 · c0f9017 · c0f9017
1 parent 9d498ca
commit c0f9017
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 7 deletions.
diff --git a/CHANGES/7821.feature b/CHANGES/7821.feature
@@ -0,0 +1 @@
+Only check origin if insecure scheme and there are origins to treat as secure, in ``CookieJar.filter_cookies()``.
diff --git a/aiohttp/cookiejar.py b/aiohttp/cookiejar.py
@@ -248,14 +248,13 @@ def filter_cookies(
             return filtered
         request_url = URL(request_url)
         hostname = request_url.raw_host or ""
-        request_origin = URL()
-        with contextlib.suppress(ValueError):
-            request_origin = request_url.origin()
 
-        is_not_secure = (
-            request_url.scheme not in ("https", "wss")
-            and request_origin not in self._treat_as_secure_origin
-        )
+        is_not_secure = request_url.scheme not in ("https", "wss")
+        if is_not_secure and self._treat_as_secure_origin:
+            request_origin = URL()
+            with contextlib.suppress(ValueError):
+                request_origin = request_url.origin()
+            is_not_secure = request_origin not in self._treat_as_secure_origin
 
         # Point 2: https://www.rfc-editor.org/rfc/rfc6265.html#section-5.4
         for cookie in sorted(self, key=lambda c: len(c["path"])):